What is Data Governance and Why Should I Care?

Data governance is frequently referenced in today’s enterprise, but many IT teams have trouble wrapping their mind around such a broad concept. Also referred to as information governance, data governance refers to policies and procedures for managing data assets throughout an organization. That’s fine in theory but why is data governance such a big issue today and what does it mean in practical terms?

Old School Data Governance

Data governance may seem new but it’s been around since the 1800’s, when regulations were enacted to stamp out corporate collusion. Since then, organizations have used clunky manual processes to manage information in folders, filing cabinets and shelves, akin to what you might traditionally find in a library. Anyone who’s watched a TV detective show has witnessed a similar process, as crusty investigators dig through ancient filing cabinets in search of crime records.

Go with the Program

Financial, privacy, and other external regulations, carrying the prospect of financial penalties, are the biggest driver of modern data governance. For example, Sarbanes-Oxley, HIPAA and the General Data Protection Regulation (GDPR) recently adopted by the European Union have all spurred businesses to rethink how they capture, store and secure data. Managing risk and compliance becomes even trickier when data is subject to multiple, overlapping regulations.

Given the mountains of user information in enterprise data sets, ethical considerations are another big catalyst for data governance, as organizations work to ensure that sensitive data is adequately protected.

Data, Data Everywhere

Like a lot of things in this world, the quaint data governance systems of yesteryear have become more complex in light of new technologies – even in the last five years. Not only does data now emanate from thousands of sources, but it’s electronic, with virtually endless copies residing on local and remote networks. Data is also dynamic, accessed and altered by a limitless number of users.

Data Governance Today

While there’s variation between organizations, modern data governance broadly encompasses security, risk management, and records management. Not only does data governance help organizations protect data and avoid fines, it improves data visibility and sharing. Data governance also helps organizations improve efficiency and decision-making while reducing errors and redundancies.

Data governance varies by program and type of data, but the overarching trends remain the same: next gen data governance will play out in the cloud, for example, where data increasingly resides. And while small organizations may have less data to manage, larger organizations have no choice but to implement formal – and scalable – governance policies.

Who’s in Charge Here?

As the overseers of records management initiatives, CIOs are a key player in data governance. However, data governance has traditionally been fragmented, with HR, Finance, and records managers routinely getting into the act – especially in smaller organizations.Policy-setting committees including HR and Legal representatives are common as well.

Red Flags Abound

If data governance is all its cracked up to be, why does it give companies so much angst? For starters, outside regulations don’t provide guidance on how to handle data, leaving businesses to figure it out for themselves. Unequipped to achieve compliance, most companies compensate by archiving all their data on central file servers without understanding what they have or need. This everything-but-the-kitchen-sink approach presents enormous risks. Indeed, corporate executives are increasingly blamed, or even held liable, for data governance lapses.

Another barrier to data governance is the tendency of organizations to ignore data on endpoints outside of their firewall. It also doesn’t help when data quality is siloed or poor to begin with. Furthermore, when handled at the departmental level, data governance becomes fragmented, inconsistent and redundant.

Technology Tames the Beast

Like it or not, data governance is a must and organizations could get into big trouble without it. Companies need to identify stakeholders, define policies and implement controls. It’s also important to take stock of how information assets are cataloged, access controlled, and data managed and tracked over time. There are no magic bullets, but organizations can gain visibility and control by deploying dedicated, scalable technology solutions.

By adopting a proactive approach, working together in interdisciplinary teams, and using the right tools, companies can optimize how they store, access, manage and protect data. Regulations may drag some organizations kicking and screaming into the world of data governance, but visionaries will go on their own, knowing their efforts will achieve mission-critical business goals and save a lot of money and trouble in the process.

To learn more about how to address the risks of dispersed data across your organization, visit our Proactive Compliance web page or download our latest report below.